[AusNOG] Consensus from the IETF 88 Technical Plenary - Internet hardening

Dobbins, Roland rdobbins at arbor.net
Fri Nov 8 17:51:06 EST 2013


On Nov 8, 2013, at 12:54 PM, George Fong <george at lateralplains.com> wrote:

> I think you have missed the point of where IETF is going with this

I think the IETF have missed the point of where the various governments are going with this, and will go in the near future, if unchecked.

> There's a maturity of understanding within the greater populations of the planet about the Internet and what it means to civil society. 

Apparently, we're talking about different planets and/or different Internets.

;>

> What it has done is set a clear technical aspiration and that's the debate we need to have here.

That's the debate I in which I thought I was participating.  I think the technical aspiration is flawed and improperly scoped, and that it will not achieve the stated goals of its promulgators.  In fact, I believe that it will have severe negative consequences that will far outweigh its benefits -  assuming any benefits actual accrue.

> We'll let the civil society debate in other forums decide the extent to which the technical processes that are developed from here on can be applied.

You can't have it both ways.  The IETF statement was a reaction to specific conditions within civil society, and the putative remedies it advocates are intended to ameliorate those conditions.

Encryption <> security.  Security <> encryption.  Technical security <> civil security.  Encryption <> civil security.

I'm all in favor of 'THE IETF SHOULD CREATE SECURE VERSIONS OF POPULAR NON-SECURE PROTOCOLS'.  What I'm against is equating encryption with security; with the perception of encryption as a universal panacea; with what I consider the naive view that this will make one whit of difference to 21st-Century governments (after all, this is about 'PERVASIVE SURVEILLANCE', and that's performed by modern governments); and with the severely negative unintended consequences of what's being bruited about.

This is an attempt to utilize technical means to cure purely social ills.  Not only is it addressing the symptoms instead of the underlying causes, I'm very concerned that it has the potential to make both the symptoms and the underlying causes worse, not better, while at the same time giving folks the illusion that they're actually achieving anything.  It is a harmful placebo.

If folks want to put a stop to pervasive governmental surveillance, it has to be done via the ballot-box, not the IETF.  Because governments can and will engage in rubber-hose cryptanalysis, when it suits their ends:

<http://xkcd.com/538/>

I've said my piece on this, so I won't spam the list any further on this topic.

-----------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>

	  Luck is the residue of opportunity and design.

		       -- John Milton




More information about the AusNOG mailing list